Re: [fw-wiz] Opinions wanted...
- From: "Kurt Buff" <kurt.buff@xxxxxxxxx>
- Date: Sun, 25 Nov 2007 12:27:47 -0800
On Nov 24, 2007 6:29 AM, ArkanoiD <ark@xxxxxxxxx> wrote:
Because firewall *IS* complex thing to operate.
Of course. As I tell people all the time - Computers are the most
complex things ever devised by mankind, and if you expect to be able
to use them at all effectively without learning a ton, you're setting
yourself up for failure and frustration.
If you stick to
"reasonable heuristics and defaults" as Checkpoint offers,
your firewall is just not operated at all as its configuration
does represent Checkpoint's view on network security policy, not
yours. That's why i always say "if Checkpoint is ok for you,
better get training or outsource your firewall administration
completely". There are too many configuration issues that are
far from being transparent and if you care exactly WHAT does
your firewall do Checkpoint is extremely hard to operate.
Indeed. I'm hoping that my company will get the money together for
training, though if necessary I'll study it on my own - whichever way
it goes, I'll have good experience, and will learn what the company is
willing to invest in keeping me once having learned - the more they
pay for training, the more I'm willing to stay.
The question is more about the differential between Checkpoint and
Sidewinder than any absolute measure of complexity.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] Opinions wanted...
- From: Kurt Buff
- Re: [fw-wiz] Opinions wanted...
- From: ArkanoiD
- [fw-wiz] Opinions wanted...
- Prev by Date: Re: [fw-wiz] Opinions wanted...
- Next by Date: Re: [fw-wiz] How to find hidden host within LAN
- Previous by thread: Re: [fw-wiz] Opinions wanted...
- Next by thread: Re: [fw-wiz] Opinions wanted...
- Index(es):
Relevant Pages
|
